Linus is by far the most hardworking youtuber I know, I really appreciate his whole team and Linus himself for producing so much of good contents. Thank you for the hard work you guys do.
It is designed for carrying confidential files and documents, so 4GB is more than enough especially considering the kind of security features it provides. You don't want to buy one of those to transfer your po-rn.
Looks like a really old model since our company was using these many years ago... they are good, but you just need to make sure you can run the automatically launching app on whatever device you're plugging into. This limitation led us to move to portable drives with keypads on them so you can use them anywhere and not just on Windows/Mac PCs.
Typically, flash drives are very low-tech compared to SSDs. A proper SSD will refresh cells and move around data so the storage lasts a lot longer. So if you accidentally delete a file on an SSD, you're mostly screwed because the data cells are refreshed to a zeroed state fairly rapidly. Meanwhile a cheap flash drive doesn't refresh cells until they're filled again. That's why you can typically recover accidentally deleted files from them. More expensive flash drives act more like a proper SSD and will have redundant flash chips, so when segments of memory start to degrade, the data can be remapped to an unmapped area. A very high end 64GB drive may have as much as 128GB of storage, which lets it repair itself despite a massive amount of use.
No mention of encryption of individual files via winrar/7zip? Much easier than most 3rd party applications
7 ปีที่แล้ว +3
Surely. I never said that it isn't 3rd party software. But it is third party software that pretty much everybody has installed anyway. It's also much more reputable in my opinion...
Petr Bělousov zips are OK, as long as you don't decrypt them. If you try to open or use it once, it has to be unziped and stored somewhere to be viewed temporary. This is usually done on the temp directory in Windows. File encryption software on the other hand, may store your 'files' temporary on your RAM, and will be removed once closed. If can be prone to cold boot attacks, however, just make sure you leave your computer shut down for at least a couple of hours first.
Probably should have mentioned that with EFS if you reset or change your Windows password outside of the standard change password option while logged in, such as from another user account or with 3rd party boot media, or delete and recreate your account or reinstall Windows, your files are lost and can't be decrypted.
I've got a video suggestion: Fullscreen! I'm curious as to how fullscreen differs in handling from windowed mode, as well as what all that flickering and re-sizing is when you start a fullscreen program or alt-tab between one (most notable on multi-monitor setups or when the resolution setting is different from the monitor's native).
If you are on a domain, the EFS recovery policy is controlled by the group policy assigned by the Domain Admin security group. EFS assigns the local Administrator user account or the domain Administrator user account as the recovery agent by default. Your EFS encrypted files are not protected from the company on your work computer.
Beginning of video: windows passwords are easy to get around Middle of video: use encryption that ties to your windows password login. Best method I've found is creating a .VHDX (virtual drive), mount it, put your files in, then encrypt that .VHDX with bitlocker.
Very informative and clear cut video as always. I think this is the kind of encryption Google started using on latest version of Android. Keep up the good work.
Presumably other operating systems and file systems offer similar capabilities? Specifically, it'd be interesting to know if EXT4 and Android Linux support this, as we keep a lot more data on our mobile devices which are morel ikely to get misplaced or stolen.
yes! all filesystems support encryption, its just that efs is especially made for the ntfs file system and thus wont work with other systems. android offers whole drive encryption without 3rd party apps, some linux distros also offer whole drive encryption, and encryption of your homefolder aready built in aswell. also on linux you can always download software like truecrypt for both whole drive encryption and file/folder encryption for probably any filesystem.
you can encrypt your phone or just sd card on android. it also depends on the rom if it supports it. but if it does whole phone encryption is generally located under security in the settings menu and for sd encryption it's usually under storage
If someone has a full drive encrypted and the Windows PC is locked, there is virtually no way to access the files on the PC unless someone cold-boots the RAM and gets the key. This is of course, using an up-to-date Windows install on which you can't ask Cortana to unlock the PC. So using the EFS encryption is redundant as the encryption is transparent with the Windows session, as you said.
As a Macintosh user I choose Apple's own entire drive encription + store the most critical data in an encripted .dmg disk image and mount it when needed. macOS can remember both passwords but I only let 2 drives to be auto-mounted at login. (Btw I use hackintosh and have 2 SSDs and 4 HDDs on my build)
Some passwords are just easy enough to recover, however if a high enough level of encryption is used by a program that is secure in how it works, even government supercomputers may struggle to access your data. There is a point however where the encryption level is so high (or even combined), along with such a long password, that you will really be screwed if you forget your password. Any good encryption program has no way to recover things if you forget your password. So be very careful.
there is actually one type of encryption that is. basically the idea is that there are two passwords. one decrypts your computer the other erases the keys. so they threaten you and force you to write a password to decrypt. you provide the second one. then the contents cannot be recovered by anyone including you. they can do whatever they want to you but the data will not be recovered
this is all the stuff you all worried about and wasn't interesting other than to crack. and the all file formats and encrypted keys all that nerdy stuff.
But with EFS you wont be able to share your encrypted folder with others easily. Chances are you want to encrypt a folder and give access to a selected few, I dont think EFS can easily cater for this scenario.
You really should have emphasized that using EFS you MUST have a safe backup of your encryption key. The key used for the encryption exists for that specific user on that one machine, you can't just create a user with the same name and password, plug your drive and hope to read your files on a new PC after the old one died. Those files will be permanently gone which can be catastrophic depending on what files were encrypted. Windows will remind the user to back things up after the first time a file has been encrypted, but many users may just dismiss that dialog, not knowing the risk they're taking. If you recommend EFS, do stress the importance of backing up everything needed for later decryption!
If you put a lock on your data and lose the key, will that be an issue? Hell yes it will. On a quick look, I only found an ancient article on the matter (support.microsoft.com/en-us/help/223316), there should be a newer one unless this one's still valid for up to Windows 10. In short, do back up your certificate or be doomed.
Ok, 2 questions about this: -If the encription is based on my password, what happens, if I simply change my password? Do I lose the files, or does the system reencrypt them, or simply use a stronger encryption form now on, but use the old files as they are? -In case my system goes down.... for example SSD damage... but I have encrypted data on antoher drive, can I access them somehow? Maybe using it in another PC, where I have the same Microsoft Account, and I log in with it?
Forgive me for being ignorant as I'm strictly a Unix/Unix-like user, but asymetric keys for IFE does have one issue and that one must store the private key, I assume it is using some sort of key derivation algorithm based on the users password, or an additional passphrase, otherwise users may be able to find the private key, also wouldn't it be more efficient to encrypt/decrypted a generated symkey for directories and files esspecially the larger ones than using asymmetric encryption on the file itself?
Unless something changed in the recent years EFS is a dangerous abomination. It doesn't encrypt (or even try to hide) filenames and it makes it trivial to lose data by just even reinstalling Windows. Note that even your external drive stored offline in the safe is now unreadable if it was EFS encrypted (or even if the encrypted folders were simply copied) on that machine and you don't have the original certificates (not only the password!). Also there are all kinds of real-life scenarios where even if you are extremely careful you manage somehow to write in an EFS encrypted folder (even if you didn't mean to encrypt) and then if that machine isn't available for whatever reason you can't access that content. Usually when I compare exFAT with NTFS I say it is an advantage for exFAT that it does NOT have encryption (you can have Bitlocker on top of either one, that's fine).
What happens to the encrypted data if the user change his password ? Each file get re-encrypted by the new generated key each time the user changes his passwords?
at the beginning linus said that it is really easy to crack a windows password. If I have a windows password that is 15 characters long, has numbers, dots, capital letters and has special characters its still really hard to crack right?
hey i have lost private key of the user and i have change the operating system itself how can i retrive it back please help me !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Could you please make a video to explain the difference between truecrypt and veracrypt?.. Lots of people say that truecrypt is way better than veracrypt, is that correct? Thanks!
Say you've encrypted a file using windows EFS, and you copy the file over to a new computer (or perhaps you've reformatted the same computer). Is the file recoverable?
Didn't understand a single bit. My bank wants me to send them an encrypted file. THEY asked me to construe a password , which Was communicated over the phone to the bank. so they already have the key to the file that i am supposed to encrypt with that very same password. Now what.
It has been a while but can't you log in on a windows account with the switching of those secret two s32 files I won't mention and then reset password and then login on the account and then access the files?
back in the old days of win 98 se and xp i used a program that would hide and protect it with a pasword, even if you had the drive installed in a another pc or hdd reader those folders won't show and can only be unlocked on the pc that you used it to lock it.
Serious question- I have Bitlocker full disk encryption enabled on my Windows 10 drives (and I run Windows 10 Pro) but realised that my actual User folders aren't encrypted (nor is my OneDrive folder). From watching this video it sounds like I should be enabling encryption here? Is there any risk if I do encrypt them? (eg I read somewhere that older versions of Windows stored decryption keys in the user's AppData folder which could cause an issue if you encrypted the parent folder ie the user directory).
Easiest method i know is to rely on 7zip or Winrar. Create a file with a strong password and put it on the USB flash. There may be other applications but those are easy to use.
Linus is by far the most hardworking youtuber I know, I really appreciate his whole team and Linus himself for producing so much of good contents. Thank you for the hard work you guys do.
"Physically ripping out a drive"
*Shows someone physically removing a monitor*
it could be all in one PC though..
Hold on. Is that a 4GB Flash drive? Is this 2008?
It is designed for carrying confidential files and documents, so 4GB is more than enough especially considering the kind of security features it provides. You don't want to buy one of those to transfer your po-rn.
Looks like a really old model since our company was using these many years ago... they are good, but you just need to make sure you can run the automatically launching app on whatever device you're plugging into. This limitation led us to move to portable drives with keypads on them so you can use them anywhere and not just on Windows/Mac PCs.
yeah theres a problem.
I want 8gb at least, come on 4gb is tiny, at least it isn't 512mb.
Do flash drives last less than 10 years? 4GB is plenty for documents.
Typically, flash drives are very low-tech compared to SSDs. A proper SSD will refresh cells and move around data so the storage lasts a lot longer. So if you accidentally delete a file on an SSD, you're mostly screwed because the data cells are refreshed to a zeroed state fairly rapidly.
Meanwhile a cheap flash drive doesn't refresh cells until they're filled again. That's why you can typically recover accidentally deleted files from them. More expensive flash drives act more like a proper SSD and will have redundant flash chips, so when segments of memory start to degrade, the data can be remapped to an unmapped area. A very high end 64GB drive may have as much as 128GB of storage, which lets it repair itself despite a massive amount of use.
RGB Individual File Encryption
Wow, it has been a long time since your transition to the ad was so seamless... Nice!
2:36 freaked me the hell out...
Because my name is Jack and that looks almost exactly like my login screen 0.0
yeah 😁
@@JackLe1127 lol
This is a acceptable form of sponsoring video's. Thank you linus for seperating ad from info!
Linus your dance moves are amazing 🕺🕺
No mention of encryption of individual files via winrar/7zip? Much easier than most 3rd party applications
Surely. I never said that it isn't 3rd party software. But it is third party software that pretty much everybody has installed anyway. It's also much more reputable in my opinion...
Petr Bělousov zips are OK, as long as you don't decrypt them. If you try to open or use it once, it has to be unziped and stored somewhere to be viewed temporary. This is usually done on the temp directory in Windows. File encryption software on the other hand, may store your 'files' temporary on your RAM, and will be removed once closed. If can be prone to cold boot attacks, however, just make sure you leave your computer shut down for at least a couple of hours first.
@@ashboon1625 what file encryption software does it with ram?
Probably should have mentioned that with EFS if you reset or change your Windows password outside of the standard change password option while logged in, such as from another user account or with 3rd party boot media, or delete and recreate your account or reinstall Windows, your files are lost and can't be decrypted.
I've got a video suggestion: Fullscreen! I'm curious as to how fullscreen differs in handling from windowed mode, as well as what all that flickering and re-sizing is when you start a fullscreen program or alt-tab between one (most notable on multi-monitor setups or when the resolution setting is different from the monitor's native).
I am just saying linus, this video is used by my college to explain file encryption!
Thank you it did help my student understanding in less than 10 minutes
If you are on a domain, the EFS recovery policy is controlled by the group policy assigned by the Domain Admin security group. EFS assigns the local Administrator user account or the domain Administrator user account as the recovery agent by default. Your EFS encrypted files are not protected from the company on your work computer.
Then use EFS on your own domain and not your works lol
multiple +12V rails on one power supply explained would be very helpful right now!
Beginning of video: windows passwords are easy to get around
Middle of video: use encryption that ties to your windows password login.
Best method I've found is creating a .VHDX (virtual drive), mount it, put your files in, then encrypt that .VHDX with bitlocker.
Very informative and clear cut video as always.
I think this is the kind of encryption Google started using on latest version of Android.
Keep up the good work.
Presumably other operating systems and file systems offer similar capabilities? Specifically, it'd be interesting to know if EXT4 and Android Linux support this, as we keep a lot more data on our mobile devices which are morel ikely to get misplaced or stolen.
yes!
all filesystems support encryption, its just that efs is especially made for the ntfs file system and thus wont work with other systems.
android offers whole drive encryption without 3rd party apps, some linux distros also offer whole drive encryption, and encryption of your homefolder aready built in aswell.
also on linux you can always download software like truecrypt for both whole drive encryption and file/folder encryption for probably any filesystem.
you can encrypt your phone or just sd card on android. it also depends on the rom if it supports it. but if it does whole phone encryption is generally located under security in the settings menu and for sd encryption it's usually under storage
Thanks Linus! I was very much wondering about this mode. Looks like it's going off.
It's amazing how far technology has come... To hide porn.
A video on messages encryption on social messengers
Ahmed Shams Simple: There is none.
I USE Whatsapp uses encryption. Snapchat used to have encryption as well, but i don't know if they have it anymore
Hazzycakes I truly believe these are just eye washes for people to make them feel more "secure".
What about Viber? They advertise them-self as the ones using secure encryption?
If someone has a full drive encrypted and the Windows PC is locked, there is virtually no way to access the files on the PC unless someone cold-boots the RAM and gets the key.
This is of course, using an up-to-date Windows install on which you can't ask Cortana to unlock the PC.
So using the EFS encryption is redundant as the encryption is transparent with the Windows session, as you said.
This video has the best transmission into a sponsor part of the video.
Relevant sponsor is relevant (And actually pretty cool) - keep up the good work!
Or just use veracrypt on a usb drive lying around.
EFS gets a bit tricky when you build a new PC and move your HDD across.
omg the ad is actualy usefull for the topic you discussed... therefor i watched the whole video :D thumbs up!
Damn, that was a smooth ad spot integration.
As a Macintosh user I choose Apple's own entire drive encription + store the most critical data in an encripted .dmg disk image and mount it when needed. macOS can remember both passwords but I only let 2 drives to be auto-mounted at login.
(Btw I use hackintosh and have 2 SSDs and 4 HDDs on my build)
No level of encription is safe from thermorectal password recovery toolkit.
Mordewolt beating the shit outta someone until they give it to you?
No. Sticking a red hot iron bar up their butt until they give up. Thermo-rectal.
We're not savages. We use soldering iron
Some passwords are just easy enough to recover, however if a high enough level of encryption is used by a program that is secure in how it works, even government supercomputers may struggle to access your data. There is a point however where the encryption level is so high (or even combined), along with such a long password, that you will really be screwed if you forget your password. Any good encryption program has no way to recover things if you forget your password. So be very careful.
there is actually one type of encryption that is. basically the idea is that there are two passwords. one decrypts your computer the other erases the keys. so they threaten you and force you to write a password to decrypt. you provide the second one. then the contents cannot be recovered by anyone including you. they can do whatever they want to you but the data will not be recovered
I just .zip it with a strong password.
Use 7zip with the .7z extension you can use AES-256 encryption.
this is all the stuff you all worried about and wasn't interesting other than to crack. and the all file formats and encrypted keys all that nerdy stuff.
JR What?!?
idk all the nerdy stuff you trying keep secret man and conspiracies over there Lol
Does anybody know what he's trying to say? I can't understand that gibberish...
yay, a sponsor that is relevant
Do I need to download a .exe of RAM?
I'm Back. NEVER download .exe's of RAM, ALWAYS DOWNLOAD .zip's , so you don't get viruses!!!
Forget hardware level encryption, we need Linus level encryption.
Linus is so damn charismatic!
But with EFS you wont be able to share your encrypted folder with others easily. Chances are you want to encrypt a folder and give access to a selected few, I dont think EFS can easily cater for this scenario.
Motivation for file system encryption
you guy should do a vid on dobii eye tracking
Guys, your videos are the best!!!!!!!!!!!!! Many thanks
Video suggestions? Best 1080Ti on the market, and if you get your hands on the Asus poseidon even better.
You really should have emphasized that using EFS you MUST have a safe backup of your encryption key. The key used for the encryption exists for that specific user on that one machine, you can't just create a user with the same name and password, plug your drive and hope to read your files on a new PC after the old one died. Those files will be permanently gone which can be catastrophic depending on what files were encrypted.
Windows will remind the user to back things up after the first time a file has been encrypted, but many users may just dismiss that dialog, not knowing the risk they're taking. If you recommend EFS, do stress the importance of backing up everything needed for later decryption!
If I do use EFS on external HDD and if I were to reformat my main drive and reinstall windows for whatever issue, will that be an issue?
If you put a lock on your data and lose the key, will that be an issue? Hell yes it will. On a quick look, I only found an ancient article on the matter (support.microsoft.com/en-us/help/223316), there should be a newer one unless this one's still valid for up to Windows 10.
In short, do back up your certificate or be doomed.
Hey it would be cool if you disclosed the sponsorship more like writing sponsored top of the description box.
Oh god the transition to the ad. I'm crying 😂
If I forgot to delete those letters, what makes you think I'll remember to encrypt them?
Ok, 2 questions about this:
-If the encription is based on my password, what happens, if I simply change my password?
Do I lose the files, or does the system reencrypt them, or simply use a stronger encryption form now on, but use the old files as they are?
-In case my system goes down.... for example SSD damage... but I have encrypted data on antoher drive, can I access them somehow? Maybe using it in another PC, where I have the same Microsoft Account, and I log in with it?
sooo what happens to the flash drive if you clone it to another none encrypted USB drive and then try to break into the cloned copy of the USB drive?
I suppose that you forgot to add links of mentioned videos...
Hey Linus will you please do a video on the history of Truecrypt?
The buildin windows EFS file encryption is only available in pro or enterprise editions not in your home version
i used this encryption from windows once, copy the paste to a usb and opened on my laptop, the files were not encrypted. What i did wrong?
alright, what about a video on how to break encryption?
Forgive me for being ignorant as I'm strictly a Unix/Unix-like user, but asymetric keys for IFE does have one issue and that one must store the private key, I assume it is using some sort of key derivation algorithm based on the users password, or an additional passphrase, otherwise users may be able to find the private key, also wouldn't it be more efficient to encrypt/decrypted a generated symkey for directories and files esspecially the larger ones than using asymmetric encryption on the file itself?
Unless something changed in the recent years EFS is a dangerous abomination. It doesn't encrypt (or even try to hide) filenames and it makes it trivial to lose data by just even reinstalling Windows. Note that even your external drive stored offline in the safe is now unreadable if it was EFS encrypted (or even if the encrypted folders were simply copied) on that machine and you don't have the original certificates (not only the password!).
Also there are all kinds of real-life scenarios where even if you are extremely careful you manage somehow to write in an EFS encrypted folder (even if you didn't mean to encrypt) and then if that machine isn't available for whatever reason you can't access that content.
Usually when I compare exFAT with NTFS I say it is an advantage for exFAT that it does NOT have encryption (you can have Bitlocker on top of either one, that's fine).
Please comment more on that sir. I mean it
Can I recover the EFS keys in the windows.old after a formatting?
I had a coworker encrypt a document so as to do no work on the group project. Can I open the encrypted document in any way?
how secure is putting a password on a compressed/zipped folder? or is that what he's talking about?
0:11 srsly? i was totally expecting a picture of linus' sandals just there.
What happens to the encrypted data if the user change his password ? Each file get re-encrypted by the new generated key each time the user changes his passwords?
Dennis is right you have 2 used that dance move before!! Get Him Dennis Hold him down and give him 10 Purple Nurples !!
And if you mess up your windows and have to reinstall? Do your files remain crypted forever?
Well, I just use CBC AES 256-bit encryption for my files (created a simple C# program to encrypt videos), I will be probably fine.
How about one for, TPM / trusted platform module!? :-)
Pleas do a video of VSR and DSR
But what if I change my Windows Account password after encrypting my files?
Nice video , Can you tell me how to decrypt sd card after factory reset ? Is there any way out to decrypt sd card after factory reset.
at the beginning linus said that it is really easy to crack a windows password. If I have a windows password that is 15 characters long, has numbers, dots, capital letters and has special characters its still really hard to crack right?
5:04 Nice safe there
hey i have lost private key of the user and i have change the operating system itself how can i retrive it back
please help me !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Could you please make a video to explain the difference between truecrypt and veracrypt?.. Lots of people say that truecrypt is way better than veracrypt, is that correct? Thanks!
Can I open NTFS encrypted files if I change log in password by editing SAM database outside windows?
How are 4GB USB drives still a thing in 2017?
quick question; its greyed out for me. ive tried regedit and a cmd command for it but it doesn't do any good. any tips?
Say you've encrypted a file using windows EFS, and you copy the file over to a new computer (or perhaps you've reformatted the same computer). Is the file recoverable?
Wouldn't EFS be susceptible to.. iunno KonBoot? It lets someone enter a Windows user account without password, depending on platform.
make a video on compressing a file . how it decreases the file size
Didn't understand a single bit. My bank wants me to send them an encrypted file. THEY asked me to construe a password , which Was communicated over the phone to the bank. so they already have the key to the file that i am supposed to encrypt with that very same password. Now what.
It has been a while but can't you log in on a windows account with the switching of those secret two s32 files I won't mention and then reset password and then login on the account and then access the files?
you should make a video about bitcoin and others cryptocurrencies, they are booming right now
good id
And bitcoin mining
Henrique Lima they already did on the NCIX channel
dat boi ?
click me to support a small TH-camr and help me grow
good ad placement
back in the old days of win 98 se and xp i used a program that would hide and protect it with a pasword, even if you had the drive installed in a another pc or hdd reader those folders won't show and can only be unlocked on the pc that you used it to lock it.
the Folder Lock
Cool Video, keep it up!
You must now do the subscribe dance at the end of every video!
dows not work with other alfa antenas such as AWUS036NHR which haw Chipset RTL8188RU
Is Glasswire the best firrewall and tracker SW?
Serious question- I have Bitlocker full disk encryption enabled on my Windows 10 drives (and I run Windows 10 Pro) but realised that my actual User folders aren't encrypted (nor is my OneDrive folder). From watching this video it sounds like I should be enabling encryption here? Is there any risk if I do encrypt them? (eg I read somewhere that older versions of Windows stored decryption keys in the user's AppData folder which could cause an issue if you encrypted the parent folder ie the user directory).
My computer file is ALKA virus how to remove
ome dude in my town sells a Gigabyte gtx 560for 35 € ( 38 Dollar ). Should i get it?
Do you know how to download RAM without having to watercool my wifi card?
Push Notifications As Fast As Possible
OR the sandisk cruiser glide 16 gb aes 128 bit drive
incredibly difficult? i would say with veracrypt or also still truecrypt it's impossible to access encrypted partitions without the password..
Touchscreens as fast as possible?
3:52 wouldn't want snoop dogg to uncover my weed hehe..he..;-;
EFS works until your login gets corrupted, and then you lose access to the last 10 years of tax returns, hopefully no audits coming down...
could windirstat show the files you encrypted?
Miguel caruana if you leave it with a file extension, yes. But if there is no file extension, no.
How can you encrypt USB drive? If is already in use
Easiest method i know is to rely on 7zip or Winrar. Create a file with a strong password and put it on the USB flash. There may be other applications but those are easy to use.
@@bite12344 winrar
How does virus encryption work? Why antiviruses can't detect encrypted virus files?
Best method is saving an encrypted file on a DVD-RAM, noone will even touch them c: Also the built in defect management trumps all optical media :D
4gb flash drive? Is this 2010?
Has a cmd command hidden folder.
Was this not on floatplane?